!628 修复 CVE-2023-50387 和 CVE-2023-50868

From: @huyubiao Reviewed-by: @licunlong Signed-off-by: @licunlong
2024-04-17 12:20:12 +00:00 · 2024-04-17 12:20:12 +00:00 · 5f89cf3843
commit 5f89cf3843
parent 2b20884ae6 633eb2deae
3 changed files with 6 additions and 3 deletions
--- a/backport-resolved-limit-the-number-of-signature-validations-i.patch
+++ b/backport-resolved-limit-the-number-of-signature-validations-i.patch
--- a/backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
+++ b/backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
--- a/systemd.spec
+++ b/systemd.spec
@ -25,7 +25,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        255
-Release:        8
+Release:        9
 License:        MIT and LGPLv2+ and GPLv2+
 Summary:        System and Service Manager

@ -55,8 +55,8 @@ Patch6001:      backport-Revert-sysctl.d-switch-net.ipv4.conf.all.rp_filter-f.pa
 Patch6002:      backport-Avoid-tmp-being-mounted-as-tmpfs-without-the-user-s-.patch
 Patch6003:      backport-temporarily-disable-test-seccomp.patch
 Patch6004:      backport-core-exec-do-not-crash-with-UtmpMode-user-without-Us.patch
-Patch6005:      backport-resolved-limit-the-number-of-signature-validations-i.patch
-Patch6006:      backport-resolved-reduce-the-maximum-nsec3-iterations-to-100.patch
+Patch6005:      backport-CVE-2023-50387.patch
+Patch6006:      backport-CVE-2023-50868.patch

 Patch9008:      update-rtc-with-system-clock-when-shutdown.patch
 Patch9009:      udev-add-actions-while-rename-netif-failed.patch
@ -1638,6 +1638,9 @@ fi
 %{_libdir}/security/pam_systemd_loadkey.so

 %changelog
+* Wed Apr 17 2024 huyubiao <huyubiao@huawei.com> - 255-9
+- fix CVE-2023-50387 and CVE-2023-50868
+
 * Mon Apr 08 2024 GuoCe <guoce@kylinos.cn> - 255-8
 - Update outdated URL